<!DOCTYPE HTML>

<html lang="en">
<head>

<title>CasAuthenticationFilter (spring-security-docs 5.6.3 API)</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="Style">
<link rel="stylesheet" type="text/css" href="../../../../../jquery/jquery-ui.css" title="Style">
<script type="text/javascript" src="../../../../../script.js"></script>
<script type="text/javascript" src="../../../../../jquery/jszip/dist/jszip.min.js"></script>
<script type="text/javascript" src="../../../../../jquery/jszip-utils/dist/jszip-utils.min.js"></script>
<!--[if IE]>
<script type="text/javascript" src="../../../../../jquery/jszip-utils/dist/jszip-utils-ie.min.js"></script>
<![endif]-->
<script type="text/javascript" src="../../../../../jquery/jquery-3.5.1.js"></script>
<script type="text/javascript" src="../../../../../jquery/jquery-ui.js"></script>
</head>
<body>
<script type="text/javascript"><!--
    try {
        if (location.href.indexOf('is-external=true') == -1) {
            parent.document.title="CasAuthenticationFilter (spring-security-docs 5.6.3 API)";
        }
    }
    catch(err) {
    }
//-->
var data = {"i0":10,"i1":10,"i2":10,"i3":10,"i4":10,"i5":10,"i6":10,"i7":10,"i8":10};
var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],8:["t4","Concrete Methods"]};
var altColor = "altColor";
var rowColor = "rowColor";
var tableTab = "tableTab";
var activeTableTab = "activeTableTab";
var pathtoroot = "../../../../../";
var useModuleDirectories = true;
loadScripts(document, 'script');</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<header role="banner">
<nav role="navigation">
<div class="fixedNav">

<div class="topNav"><a id="navbar.top">

</a>
<div class="skipNav"><a href="CasAuthenticationFilter.html#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.top.firstrow">

</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<ul class="navListSearch">
<li><label for="search">SEARCH:</label>
<input type="text" id="search" value="search" disabled="disabled">
<input type="reset" id="reset" value="reset" disabled="disabled">
</li>
</ul>
<div>
<script type="text/javascript"><!--
  allClassesLink = document.getElementById("allclasses_navbar_top");
  if(window==top) {
    allClassesLink.style.display = "block";
  }
  else {
    allClassesLink.style.display = "none";
  }
  //-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li><a href="CasAuthenticationFilter.html#field.summary">Field</a>&nbsp;|&nbsp;</li>
<li><a href="CasAuthenticationFilter.html#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="CasAuthenticationFilter.html#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li><a href="CasAuthenticationFilter.html#field.detail">Field</a>&nbsp;|&nbsp;</li>
<li><a href="CasAuthenticationFilter.html#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="CasAuthenticationFilter.html#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.top">

</a></div>

</div>
<div class="navPadding">&nbsp;</div>
<script type="text/javascript"><!--
$('.navPadding').css('padding-top', $('.fixedNav').css("height"));
//-->
</script>
</nav>
</header>

<main role="main">
<div class="header">
<div class="subTitle"><span class="packageLabelInType">Package</span>&nbsp;<a href="package-summary.html">org.springframework.security.cas.web</a></div>
<h2 title="Class CasAuthenticationFilter" class="title">Class CasAuthenticationFilter</h2>
</div>
<div class="contentContainer">
<ul class="inheritance">
<li>java.lang.Object</li>
<li>
<ul class="inheritance">
<li>org.springframework.web.filter.GenericFilterBean</li>
<li>
<ul class="inheritance">
<li><a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html" title="class in org.springframework.security.web.authentication">org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter</a></li>
<li>
<ul class="inheritance">
<li>org.springframework.security.cas.web.CasAuthenticationFilter</li>
</ul>
</li>
</ul>
</li>
</ul>
</li>
</ul>
<div class="description">
<ul class="blockList">
<li class="blockList">
<dl>
<dt>All Implemented Interfaces:</dt>
<dd><code>javax.servlet.Filter</code>, <code>org.springframework.beans.factory.Aware</code>, <code>org.springframework.beans.factory.BeanNameAware</code>, <code>org.springframework.beans.factory.DisposableBean</code>, <code>org.springframework.beans.factory.InitializingBean</code>, <code>org.springframework.context.ApplicationEventPublisherAware</code>, <code>org.springframework.context.EnvironmentAware</code>, <code>org.springframework.context.MessageSourceAware</code>, <code>org.springframework.core.env.EnvironmentCapable</code>, <code>org.springframework.web.context.ServletContextAware</code></dd>
</dl>
<hr>
<pre>public class <span class="typeNameLabel">CasAuthenticationFilter</span>
extends <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html" title="class in org.springframework.security.web.authentication">AbstractAuthenticationProcessingFilter</a></pre>
<div class="block">Processes a CAS service ticket, obtains proxy granting tickets, and processes proxy
tickets.
<h2>Service Tickets</h2>
<p>
A service ticket consists of an opaque ticket string. It arrives at this filter by the
user's browser successfully authenticating using CAS, and then receiving a HTTP
redirect to a <code>service</code>. The opaque ticket string is presented in the
<code>ticket</code> request parameter.
<p>
This filter monitors the <code>service</code> URL so it can receive the service ticket
and process it. By default this filter processes the URL <tt>/login/cas</tt>. When
processing this URL, the value of <a href="../ServiceProperties.html#getService()"><code>ServiceProperties.getService()</code></a> is used as the
<tt>service</tt> when validating the <code>ticket</code>. This means that it is
important that <a href="../ServiceProperties.html#getService()"><code>ServiceProperties.getService()</code></a> specifies the same value as the
<tt>filterProcessesUrl</tt>.
<p>
Processing the service ticket involves creating a
<code>UsernamePasswordAuthenticationToken</code> which uses
<a href="CasAuthenticationFilter.html#CAS_STATEFUL_IDENTIFIER"><code>CAS_STATEFUL_IDENTIFIER</code></a> for the <code>principal</code> and the opaque ticket
string as the <code>credentials</code>.
<h2>Obtaining Proxy Granting Tickets</h2>
<p>
If specified, the filter can also monitor the <code>proxyReceptorUrl</code>. The filter
will respond to requests matching this url so that the CAS Server can provide a PGT to
the filter. Note that in addition to the <code>proxyReceptorUrl</code> a non-null
<code>proxyGrantingTicketStorage</code> must be provided in order for the filter to
respond to proxy receptor requests. By configuring a shared
<code>ProxyGrantingTicketStorage</code> between the <code>TicketValidator</code> and the
CasAuthenticationFilter one can have the CasAuthenticationFilter handle the proxying
requirements for CAS.
<h2>Proxy Tickets</h2>
<p>
The filter can process tickets present on any url. This is useful when wanting to
process proxy tickets. In order for proxy tickets to get processed
<a href="../ServiceProperties.html#isAuthenticateAllArtifacts()"><code>ServiceProperties.isAuthenticateAllArtifacts()</code></a> must return <code>true</code>.
Additionally, if the request is already authenticated, authentication will <b>not</b>
occur. Last, <a href="../../authentication/AuthenticationDetailsSource.html#buildDetails(C)"><code>AuthenticationDetailsSource.buildDetails(Object)</code></a> must return a
<a href="authentication/ServiceAuthenticationDetails.html" title="interface in org.springframework.security.cas.web.authentication"><code>ServiceAuthenticationDetails</code></a>. This can be accomplished using the
<a href="authentication/ServiceAuthenticationDetailsSource.html" title="class in org.springframework.security.cas.web.authentication"><code>ServiceAuthenticationDetailsSource</code></a>. In this case
<a href="authentication/ServiceAuthenticationDetails.html#getServiceUrl()"><code>ServiceAuthenticationDetails.getServiceUrl()</code></a> will be used for the service url.
<p>
Processing the proxy ticket involves creating a
<code>UsernamePasswordAuthenticationToken</code> which uses
<a href="CasAuthenticationFilter.html#CAS_STATELESS_IDENTIFIER"><code>CAS_STATELESS_IDENTIFIER</code></a> for the <code>principal</code> and the opaque ticket
string as the <code>credentials</code>. When a proxy ticket is successfully
authenticated, the FilterChain continues and the
<code>authenticationSuccessHandler</code> is not used.
<h2>Notes about the <code>AuthenticationManager</code></h2>
<p>
The configured <code>AuthenticationManager</code> is expected to provide a provider
that can recognise <code>UsernamePasswordAuthenticationToken</code>s containing this
special <code>principal</code> name, and process them accordingly by validation with
the CAS server. Additionally, it should be capable of using the result of
<a href="authentication/ServiceAuthenticationDetails.html#getServiceUrl()"><code>ServiceAuthenticationDetails.getServiceUrl()</code></a> as the service when validating the
ticket.
<h2>Example Configuration</h2>
<p>
An example configuration that supports service tickets, obtaining proxy granting
tickets, and proxy tickets is illustrated below:
<pre> &lt;b:bean id=&quot;serviceProperties&quot;
     class=&quot;org.springframework.security.cas.ServiceProperties&quot;
     p:service=&quot;https://service.example.com/cas-sample/login/cas&quot;
     p:authenticateAllArtifacts=&quot;true&quot;/&gt;
 &lt;b:bean id=&quot;casEntryPoint&quot;
     class=&quot;org.springframework.security.cas.web.CasAuthenticationEntryPoint&quot;
     p:serviceProperties-ref=&quot;serviceProperties&quot; p:loginUrl=&quot;https://login.example.org/cas/login&quot; /&gt;
 &lt;b:bean id=&quot;casFilter&quot;
     class=&quot;org.springframework.security.cas.web.CasAuthenticationFilter&quot;
     p:authenticationManager-ref=&quot;authManager&quot;
     p:serviceProperties-ref=&quot;serviceProperties&quot;
     p:proxyGrantingTicketStorage-ref=&quot;pgtStorage&quot;
     p:proxyReceptorUrl=&quot;/login/cas/proxyreceptor&quot;&gt;
     &lt;b:property name=&quot;authenticationDetailsSource&quot;&gt;
         &lt;b:bean class=&quot;org.springframework.security.cas.web.authentication.ServiceAuthenticationDetailsSource&quot;/&gt;
     &lt;/b:property&gt;
     &lt;b:property name=&quot;authenticationFailureHandler&quot;&gt;
         &lt;b:bean class=&quot;org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler&quot;
             p:defaultFailureUrl=&quot;/casfailed.jsp&quot;/&gt;
     &lt;/b:property&gt;
 &lt;/b:bean&gt;
 &lt;!--
     NOTE: In a real application you should not use an in memory implementation. You will also want
           to ensure to clean up expired tickets by calling ProxyGrantingTicketStorage.cleanup()
  --&gt;
 &lt;b:bean id=&quot;pgtStorage&quot; class=&quot;org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl&quot;/&gt;
 &lt;b:bean id=&quot;casAuthProvider&quot; class=&quot;org.springframework.security.cas.authentication.CasAuthenticationProvider&quot;
     p:serviceProperties-ref=&quot;serviceProperties&quot;
     p:key=&quot;casAuthProviderKey&quot;&gt;
     &lt;b:property name=&quot;authenticationUserDetailsService&quot;&gt;
         &lt;b:bean
             class=&quot;org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper&quot;&gt;
             &lt;b:constructor-arg ref=&quot;userService&quot; /&gt;
         &lt;/b:bean&gt;
     &lt;/b:property&gt;
     &lt;b:property name=&quot;ticketValidator&quot;&gt;
         &lt;b:bean
             class=&quot;org.jasig.cas.client.validation.Cas20ProxyTicketValidator&quot;
             p:acceptAnyProxy=&quot;true&quot;
             p:proxyCallbackUrl=&quot;https://service.example.com/cas-sample/login/cas/proxyreceptor&quot;
             p:proxyGrantingTicketStorage-ref=&quot;pgtStorage&quot;&gt;
             &lt;b:constructor-arg value=&quot;https://login.example.org/cas&quot; /&gt;
         &lt;/b:bean&gt;
     &lt;/b:property&gt;
     &lt;b:property name=&quot;statelessTicketCache&quot;&gt;
         &lt;b:bean class=&quot;org.springframework.security.cas.authentication.EhCacheBasedTicketCache&quot;&gt;
             &lt;b:property name=&quot;cache&quot;&gt;
                 &lt;b:bean class=&quot;net.sf.ehcache.Cache&quot;
                   init-method=&quot;initialise&quot;
                   destroy-method=&quot;dispose&quot;&gt;
                     &lt;b:constructor-arg value=&quot;casTickets&quot;/&gt;
                     &lt;b:constructor-arg value=&quot;50&quot;/&gt;
                     &lt;b:constructor-arg value=&quot;true&quot;/&gt;
                     &lt;b:constructor-arg value=&quot;false&quot;/&gt;
                     &lt;b:constructor-arg value=&quot;3600&quot;/&gt;
                     &lt;b:constructor-arg value=&quot;900&quot;/&gt;
                 &lt;/b:bean&gt;
             &lt;/b:property&gt;
         &lt;/b:bean&gt;
     &lt;/b:property&gt;
 &lt;/b:bean&gt;
 </pre></div>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="field.summary">

</a>
<h3>Field Summary</h3>
<table class="memberSummary">
<caption><span>Fields</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colSecond" scope="col">Field</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr class="altColor">
<td class="colFirst"><code>static java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="CasAuthenticationFilter.html#CAS_STATEFUL_IDENTIFIER">CAS_STATEFUL_IDENTIFIER</a></span></code></th>
<td class="colLast">
<div class="block">Used to identify a CAS request for a stateful user agent, such as a web browser.</div>
</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>static java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="CasAuthenticationFilter.html#CAS_STATELESS_IDENTIFIER">CAS_STATELESS_IDENTIFIER</a></span></code></th>
<td class="colLast">
<div class="block">Used to identify a CAS request for a stateless user agent, such as a remoting
protocol client (e.g.</div>
</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a id="fields.inherited.from.class.org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter">

</a>
<h3>Fields inherited from class&nbsp;org.springframework.security.web.authentication.<a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html" title="class in org.springframework.security.web.authentication">AbstractAuthenticationProcessingFilter</a></h3>
<code><a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#authenticationDetailsSource">authenticationDetailsSource</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#eventPublisher">eventPublisher</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#messages">messages</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a id="fields.inherited.from.class.org.springframework.web.filter.GenericFilterBean">

</a>
<h3>Fields inherited from class&nbsp;org.springframework.web.filter.GenericFilterBean</h3>
<code>logger</code></li>
</ul>
</li>
</ul>
</section>

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="constructor.summary">

</a>
<h3>Constructor Summary</h3>
<table class="memberSummary">
<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Constructor</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr class="altColor">
<th class="colConstructorName" scope="row"><code><span class="memberNameLink"><a href="CasAuthenticationFilter.html#%3Cinit%3E()">CasAuthenticationFilter</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
</table>
</li>
</ul>
</section>

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.summary">

</a>
<h3>Method Summary</h3>
<table class="memberSummary">
<caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd">&nbsp;</span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t4" class="tableTab"><span><a href="javascript:show(8);">Concrete Methods</a></span><span class="tabEnd">&nbsp;</span></span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colSecond" scope="col">Method</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr id="i0" class="altColor">
<td class="colFirst"><code><a href="../../core/Authentication.html" title="interface in org.springframework.security.core">Authentication</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="CasAuthenticationFilter.html#attemptAuthentication(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)">attemptAuthentication</a></span>&#8203;(javax.servlet.http.HttpServletRequest&nbsp;request,
javax.servlet.http.HttpServletResponse&nbsp;response)</code></th>
<td class="colLast">
<div class="block">Performs actual authentication.</div>
</td>
</tr>
<tr id="i1" class="rowColor">
<td class="colFirst"><code>protected java.lang.String</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="CasAuthenticationFilter.html#obtainArtifact(javax.servlet.http.HttpServletRequest)">obtainArtifact</a></span>&#8203;(javax.servlet.http.HttpServletRequest&nbsp;request)</code></th>
<td class="colLast">
<div class="block">If present, gets the artifact (CAS ticket) from the <code>HttpServletRequest</code>.</div>
</td>
</tr>
<tr id="i2" class="altColor">
<td class="colFirst"><code>protected boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="CasAuthenticationFilter.html#requiresAuthentication(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)">requiresAuthentication</a></span>&#8203;(javax.servlet.http.HttpServletRequest&nbsp;request,
javax.servlet.http.HttpServletResponse&nbsp;response)</code></th>
<td class="colLast">
<div class="block">Overridden to provide proxying capabilities.</div>
</td>
</tr>
<tr id="i3" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="CasAuthenticationFilter.html#setAuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler)">setAuthenticationFailureHandler</a></span>&#8203;(<a href="../../web/authentication/AuthenticationFailureHandler.html" title="interface in org.springframework.security.web.authentication">AuthenticationFailureHandler</a>&nbsp;failureHandler)</code></th>
<td class="colLast">
<div class="block">Wraps the <a href="../../web/authentication/AuthenticationFailureHandler.html" title="interface in org.springframework.security.web.authentication"><code>AuthenticationFailureHandler</code></a> to distinguish between handling
proxy ticket authentication failures and service ticket failures.</div>
</td>
</tr>
<tr id="i4" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="CasAuthenticationFilter.html#setProxyAuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler)">setProxyAuthenticationFailureHandler</a></span>&#8203;(<a href="../../web/authentication/AuthenticationFailureHandler.html" title="interface in org.springframework.security.web.authentication">AuthenticationFailureHandler</a>&nbsp;proxyFailureHandler)</code></th>
<td class="colLast">
<div class="block">Sets the <a href="../../web/authentication/AuthenticationFailureHandler.html" title="interface in org.springframework.security.web.authentication"><code>AuthenticationFailureHandler</code></a> for proxy requests.</div>
</td>
</tr>
<tr id="i5" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="CasAuthenticationFilter.html#setProxyGrantingTicketStorage(org.jasig.cas.client.proxy.ProxyGrantingTicketStorage)">setProxyGrantingTicketStorage</a></span>&#8203;(org.jasig.cas.client.proxy.ProxyGrantingTicketStorage&nbsp;proxyGrantingTicketStorage)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i6" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="CasAuthenticationFilter.html#setProxyReceptorUrl(java.lang.String)">setProxyReceptorUrl</a></span>&#8203;(java.lang.String&nbsp;proxyReceptorUrl)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i7" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="CasAuthenticationFilter.html#setServiceProperties(org.springframework.security.cas.ServiceProperties)">setServiceProperties</a></span>&#8203;(<a href="../ServiceProperties.html" title="class in org.springframework.security.cas">ServiceProperties</a>&nbsp;serviceProperties)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i8" class="altColor">
<td class="colFirst"><code>protected void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="CasAuthenticationFilter.html#successfulAuthentication(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse,javax.servlet.FilterChain,org.springframework.security.core.Authentication)">successfulAuthentication</a></span>&#8203;(javax.servlet.http.HttpServletRequest&nbsp;request,
javax.servlet.http.HttpServletResponse&nbsp;response,
javax.servlet.FilterChain&nbsp;chain,
<a href="../../core/Authentication.html" title="interface in org.springframework.security.core">Authentication</a>&nbsp;authResult)</code></th>
<td class="colLast">
<div class="block">Default behaviour for successful authentication.</div>
</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter">

</a>
<h3>Methods inherited from class&nbsp;org.springframework.security.web.authentication.<a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html" title="class in org.springframework.security.web.authentication">AbstractAuthenticationProcessingFilter</a></h3>
<code><a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#afterPropertiesSet()">afterPropertiesSet</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#doFilter(javax.servlet.ServletRequest,javax.servlet.ServletResponse,javax.servlet.FilterChain)">doFilter</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#getAllowSessionCreation()">getAllowSessionCreation</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#getAuthenticationManager()">getAuthenticationManager</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#getFailureHandler()">getFailureHandler</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#getRememberMeServices()">getRememberMeServices</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#getSuccessHandler()">getSuccessHandler</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#setAllowSessionCreation(boolean)">setAllowSessionCreation</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#setApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher)">setApplicationEventPublisher</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#setAuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource)">setAuthenticationDetailsSource</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#setAuthenticationManager(org.springframework.security.authentication.AuthenticationManager)">setAuthenticationManager</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#setAuthenticationSuccessHandler(org.springframework.security.web.authentication.AuthenticationSuccessHandler)">setAuthenticationSuccessHandler</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#setContinueChainBeforeSuccessfulAuthentication(boolean)">setContinueChainBeforeSuccessfulAuthentication</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#setFilterProcessesUrl(java.lang.String)">setFilterProcessesUrl</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#setMessageSource(org.springframework.context.MessageSource)">setMessageSource</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#setRememberMeServices(org.springframework.security.web.authentication.RememberMeServices)">setRememberMeServices</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#setRequiresAuthenticationRequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher)">setRequiresAuthenticationRequestMatcher</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#setSessionAuthenticationStrategy(org.springframework.security.web.authentication.session.SessionAuthenticationStrategy)">setSessionAuthenticationStrategy</a>, <a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#unsuccessfulAuthentication(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse,org.springframework.security.core.AuthenticationException)">unsuccessfulAuthentication</a></code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.org.springframework.web.filter.GenericFilterBean">

</a>
<h3>Methods inherited from class&nbsp;org.springframework.web.filter.GenericFilterBean</h3>
<code>addRequiredProperty, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext</code></li>
</ul>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.java.lang.Object">

</a>
<h3>Methods inherited from class&nbsp;java.lang.Object</h3>
<code>clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait</code></li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="field.detail">

</a>
<h3>Field Detail</h3>
<a id="CAS_STATEFUL_IDENTIFIER">

</a>
<ul class="blockList">
<li class="blockList">
<h4>CAS_STATEFUL_IDENTIFIER</h4>
<pre>public static final&nbsp;java.lang.String CAS_STATEFUL_IDENTIFIER</pre>
<div class="block">Used to identify a CAS request for a stateful user agent, such as a web browser.</div>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../constant-values.html#org.springframework.security.cas.web.CasAuthenticationFilter.CAS_STATEFUL_IDENTIFIER">Constant Field Values</a></dd>
</dl>
</li>
</ul>
<a id="CAS_STATELESS_IDENTIFIER">

</a>
<ul class="blockListLast">
<li class="blockList">
<h4>CAS_STATELESS_IDENTIFIER</h4>
<pre>public static final&nbsp;java.lang.String CAS_STATELESS_IDENTIFIER</pre>
<div class="block">Used to identify a CAS request for a stateless user agent, such as a remoting
protocol client (e.g. Hessian, Burlap, SOAP etc). Results in a more aggressive
caching strategy being used, as the absence of a <code>HttpSession</code> will
result in a new authentication attempt on every request.</div>
<dl>
<dt><span class="seeLabel">See Also:</span></dt>
<dd><a href="../../../../../constant-values.html#org.springframework.security.cas.web.CasAuthenticationFilter.CAS_STATELESS_IDENTIFIER">Constant Field Values</a></dd>
</dl>
</li>
</ul>
</li>
</ul>
</section>

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="constructor.detail">

</a>
<h3>Constructor Detail</h3>
<a id="&lt;init&gt;()">

</a>
<ul class="blockListLast">
<li class="blockList">
<h4>CasAuthenticationFilter</h4>
<pre>public&nbsp;CasAuthenticationFilter()</pre>
</li>
</ul>
</li>
</ul>
</section>

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.detail">

</a>
<h3>Method Detail</h3>
<a id="successfulAuthentication(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse,javax.servlet.FilterChain,org.springframework.security.core.Authentication)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>successfulAuthentication</h4>
<pre class="methodSignature">protected final&nbsp;void&nbsp;successfulAuthentication&#8203;(javax.servlet.http.HttpServletRequest&nbsp;request,
                                              javax.servlet.http.HttpServletResponse&nbsp;response,
                                              javax.servlet.FilterChain&nbsp;chain,
                                              <a href="../../core/Authentication.html" title="interface in org.springframework.security.core">Authentication</a>&nbsp;authResult)
                                       throws java.io.IOException,
                                              javax.servlet.ServletException</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from class:&nbsp;<code><a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#successfulAuthentication(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse,javax.servlet.FilterChain,org.springframework.security.core.Authentication)">AbstractAuthenticationProcessingFilter</a></code></span></div>
<div class="block">Default behaviour for successful authentication.
<ol>
<li>Sets the successful <tt>Authentication</tt> object on the
<a href="../../core/context/SecurityContextHolder.html" title="class in org.springframework.security.core.context"><code>SecurityContextHolder</code></a></li>
<li>Informs the configured <tt>RememberMeServices</tt> of the successful login</li>
<li>Fires an <a href="../../authentication/event/InteractiveAuthenticationSuccessEvent.html" title="class in org.springframework.security.authentication.event"><code>InteractiveAuthenticationSuccessEvent</code></a> via the configured
<tt>ApplicationEventPublisher</tt></li>
<li>Delegates additional behaviour to the
<a href="../../web/authentication/AuthenticationSuccessHandler.html" title="interface in org.springframework.security.web.authentication"><code>AuthenticationSuccessHandler</code></a>.</li>
</ol>
Subclasses can override this method to continue the <code>FilterChain</code> after
successful authentication.</div>
<dl>
<dt><span class="overrideSpecifyLabel">Overrides:</span></dt>
<dd><code><a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#successfulAuthentication(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse,javax.servlet.FilterChain,org.springframework.security.core.Authentication)">successfulAuthentication</a></code>&nbsp;in class&nbsp;<code><a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html" title="class in org.springframework.security.web.authentication">AbstractAuthenticationProcessingFilter</a></code></dd>
<dd><code>authResult</code> - the object returned from the <tt>attemptAuthentication</tt>
method.</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code>java.io.IOException</code></dd>
<dd><code>javax.servlet.ServletException</code></dd>
</dl>
</li>
</ul>
<a id="attemptAuthentication(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>attemptAuthentication</h4>
<pre class="methodSignature">public&nbsp;<a href="../../core/Authentication.html" title="interface in org.springframework.security.core">Authentication</a>&nbsp;attemptAuthentication&#8203;(javax.servlet.http.HttpServletRequest&nbsp;request,
                                            javax.servlet.http.HttpServletResponse&nbsp;response)
                                     throws <a href="../../core/AuthenticationException.html" title="class in org.springframework.security.core">AuthenticationException</a>,
                                            java.io.IOException</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from class:&nbsp;<code><a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#attemptAuthentication(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)">AbstractAuthenticationProcessingFilter</a></code></span></div>
<div class="block">Performs actual authentication.
<p>
The implementation should do one of the following:
<ol>
<li>Return a populated authentication token for the authenticated user, indicating
successful authentication</li>
<li>Return null, indicating that the authentication process is still in progress.
Before returning, the implementation should perform any additional work required to
complete the process.</li>
<li>Throw an <tt>AuthenticationException</tt> if the authentication process
fails</li>
</ol></div>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code><a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#attemptAuthentication(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)">attemptAuthentication</a></code>&nbsp;in class&nbsp;<code><a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html" title="class in org.springframework.security.web.authentication">AbstractAuthenticationProcessingFilter</a></code></dd>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>request</code> - from which to extract parameters and perform the authentication</dd>
<dd><code>response</code> - the response, which may be needed if the implementation has to do a
redirect as part of a multi-stage authentication process (such as OpenID).</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the authenticated user token, or null if authentication is incomplete.</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../../core/AuthenticationException.html" title="class in org.springframework.security.core">AuthenticationException</a></code> - if authentication fails.</dd>
<dd><code>java.io.IOException</code></dd>
</dl>
</li>
</ul>
<a id="obtainArtifact(javax.servlet.http.HttpServletRequest)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>obtainArtifact</h4>
<pre class="methodSignature">protected&nbsp;java.lang.String&nbsp;obtainArtifact&#8203;(javax.servlet.http.HttpServletRequest&nbsp;request)</pre>
<div class="block">If present, gets the artifact (CAS ticket) from the <code>HttpServletRequest</code>.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>request</code> - </dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>if present the artifact from the <code>HttpServletRequest</code>, else null</dd>
</dl>
</li>
</ul>
<a id="requiresAuthentication(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>requiresAuthentication</h4>
<pre class="methodSignature">protected&nbsp;boolean&nbsp;requiresAuthentication&#8203;(javax.servlet.http.HttpServletRequest&nbsp;request,
                                         javax.servlet.http.HttpServletResponse&nbsp;response)</pre>
<div class="block">Overridden to provide proxying capabilities.</div>
<dl>
<dt><span class="overrideSpecifyLabel">Overrides:</span></dt>
<dd><code><a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#requiresAuthentication(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)">requiresAuthentication</a></code>&nbsp;in class&nbsp;<code><a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html" title="class in org.springframework.security.web.authentication">AbstractAuthenticationProcessingFilter</a></code></dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd><code>true</code> if the filter should attempt authentication,
<code>false</code> otherwise.</dd>
</dl>
</li>
</ul>
<a id="setProxyAuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setProxyAuthenticationFailureHandler</h4>
<pre class="methodSignature">public final&nbsp;void&nbsp;setProxyAuthenticationFailureHandler&#8203;(<a href="../../web/authentication/AuthenticationFailureHandler.html" title="interface in org.springframework.security.web.authentication">AuthenticationFailureHandler</a>&nbsp;proxyFailureHandler)</pre>
<div class="block">Sets the <a href="../../web/authentication/AuthenticationFailureHandler.html" title="interface in org.springframework.security.web.authentication"><code>AuthenticationFailureHandler</code></a> for proxy requests.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>proxyFailureHandler</code> - </dd>
</dl>
</li>
</ul>
<a id="setAuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setAuthenticationFailureHandler</h4>
<pre class="methodSignature">public final&nbsp;void&nbsp;setAuthenticationFailureHandler&#8203;(<a href="../../web/authentication/AuthenticationFailureHandler.html" title="interface in org.springframework.security.web.authentication">AuthenticationFailureHandler</a>&nbsp;failureHandler)</pre>
<div class="block">Wraps the <a href="../../web/authentication/AuthenticationFailureHandler.html" title="interface in org.springframework.security.web.authentication"><code>AuthenticationFailureHandler</code></a> to distinguish between handling
proxy ticket authentication failures and service ticket failures.</div>
<dl>
<dt><span class="overrideSpecifyLabel">Overrides:</span></dt>
<dd><code><a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html#setAuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler)">setAuthenticationFailureHandler</a></code>&nbsp;in class&nbsp;<code><a href="../../web/authentication/AbstractAuthenticationProcessingFilter.html" title="class in org.springframework.security.web.authentication">AbstractAuthenticationProcessingFilter</a></code></dd>
</dl>
</li>
</ul>
<a id="setProxyReceptorUrl(java.lang.String)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setProxyReceptorUrl</h4>
<pre class="methodSignature">public final&nbsp;void&nbsp;setProxyReceptorUrl&#8203;(java.lang.String&nbsp;proxyReceptorUrl)</pre>
</li>
</ul>
<a id="setProxyGrantingTicketStorage(org.jasig.cas.client.proxy.ProxyGrantingTicketStorage)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setProxyGrantingTicketStorage</h4>
<pre class="methodSignature">public final&nbsp;void&nbsp;setProxyGrantingTicketStorage&#8203;(org.jasig.cas.client.proxy.ProxyGrantingTicketStorage&nbsp;proxyGrantingTicketStorage)</pre>
</li>
</ul>
<a id="setServiceProperties(org.springframework.security.cas.ServiceProperties)">

</a>
<ul class="blockListLast">
<li class="blockList">
<h4>setServiceProperties</h4>
<pre class="methodSignature">public final&nbsp;void&nbsp;setServiceProperties&#8203;(<a href="../ServiceProperties.html" title="class in org.springframework.security.cas">ServiceProperties</a>&nbsp;serviceProperties)</pre>
</li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
</div>
</main>

<footer role="contentinfo">
<nav role="navigation">

<div class="bottomNav"><a id="navbar.bottom">

</a>
<div class="skipNav"><a href="CasAuthenticationFilter.html#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.bottom.firstrow">

</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
  allClassesLink = document.getElementById("allclasses_navbar_bottom");
  if(window==top) {
    allClassesLink.style.display = "block";
  }
  else {
    allClassesLink.style.display = "none";
  }
  //-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li><a href="CasAuthenticationFilter.html#field.summary">Field</a>&nbsp;|&nbsp;</li>
<li><a href="CasAuthenticationFilter.html#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="CasAuthenticationFilter.html#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li><a href="CasAuthenticationFilter.html#field.detail">Field</a>&nbsp;|&nbsp;</li>
<li><a href="CasAuthenticationFilter.html#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="CasAuthenticationFilter.html#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.bottom">

</a></div>

</nav>
</footer>
<script>if (window.parent == window) {(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)})(window,document,'script','//www.google-analytics.com/analytics.js','ga');ga('create', 'UA-2728886-23', 'auto', {'siteSpeedSampleRate': 100});ga('send', 'pageview');}</script><script defer src="https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194" integrity="sha512-Gi7xpJR8tSkrpF7aordPZQlW2DLtzUlZcumS8dMQjwDHEnw9I7ZLyiOj/6tZStRBGtGgN6ceN6cMH8z7etPGlw==" data-cf-beacon='{"rayId":"7040dd9cba6e97cf","token":"bffcb8a918ae4755926f76178bfbd26b","version":"2021.12.0","si":100}' crossorigin="anonymous"></script>
</body>
</html>
